At 10:44 29/12/2003 +1000, Peter Kiem wrote:
Just a guess ... because the From address is not
[EMAIL PROTECTED]?
I thought the from rule worked on the envelope sender of the email and not
the easily forged from header :(
You mean on the easily forged envelope sender instead of the easily forged
Once you realise this, you can see how whitelisting is easy to fool...
Which is exactly why I didn't want a whitelisting solution, just a
reduction in spam scoring.
--
Regards,
+-+-+
| Peter Kiem.^. | E-Mail: [EMAIL
Peter Kiem wrote:
header LOCAL_GOOD_SENDER_11 From =~ /[EMAIL PROTECTED]/
score LOCAL_GOOD_SENDER_11 -2.0
Return-Path: [EMAIL PROTECTED]
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Why isn't the local rule being activated?
Just a guess ... because the From address is not
[EMAIL PROTECTED]?
Just a guess ... because the From address is not
[EMAIL PROTECTED]?
I thought the from rule worked on the envelope sender of the email and not
the easily forged from header :(
You might try dropping the [EMAIL PROTECTED] part of the rule and you might
have better luck.
Yeah I might do that.
On Mon, Dec 29, 2003 at 10:44:24AM +1000, Peter Kiem wrote:
Just a guess ... because the From address is not
[EMAIL PROTECTED]?
I thought the from rule worked on the envelope sender of the email and not
the easily forged from header :(
You might try dropping the [EMAIL PROTECTED] part
Peter Kiem [EMAIL PROTECTED] wrote:
I thought the from rule worked on the envelope sender of the email and not
the easily forged from header :(
What makes you think the envelope sender isn't easily forged?
--
Keith C. Ivey [EMAIL PROTECTED]
Washington, DC
Preferably not as if someone does forge it, then the mail goes straight
through...
Isn't that what whitelist_from_rcvd is for? man Mail::SpamAssassin::Conf
The point is I *DON'T* want to whitelist. I wanted just to lower the SA
scores with a local rule.
--
Regards,
What makes you think the envelope sender isn't easily forged?
OK point taken, but from what I have seen the From headers are *usually*
what are forged and not the envelope address.
--
Regards,
+-+-+
| Peter Kiem.^. |
On Mon, 29 Dec 2003, Peter Kiem wrote:
Preferably not as if someone does forge it, then the mail goes straight
through...
Isn't that what whitelist_from_rcvd is for? man Mail::SpamAssassin::Conf
The point is I *DON'T* want to whitelist. I wanted just to lower the SA
scores with a
At Mon Dec 29 01:30:45 2003, Peter Kiem wrote:
What makes you think the envelope sender isn't easily forged?
OK point taken, but from what I have seen the From headers are *usually*
what are forged and not the envelope address.
Spammers don't want any trace back to them, and they don't
Hi David,
Actually, 'whitelist_from_rcvd' is the way to go, as it will only apply
if -both- the From address and the DNS host name of the sending system
match the rule. However looking back at your first post I see that the
DNS reverse map for the 'sneezy' system is FUBAR, so you cannot use
11 matches
Mail list logo
